iangcarroll / cookiemonsterView external linksLinks
πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
β966Jan 10, 2025Updated last year
Alternatives and similar repositories for cookiemonster
Users that are interested in cookiemonster are comparing it to the libraries listed below
Sorting:
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,287Aug 7, 2025Updated 6 months ago
- Contextual Content Discovery Toolβ3,085Apr 29, 2024Updated last year
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β1,021Jun 24, 2024Updated last year
- Hidden parameters discovery suiteβ2,015Sep 8, 2024Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,755May 22, 2024Updated last year
- Rust-based high performance domain permutation generator.β297Dec 2, 2023Updated 2 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,042Aug 14, 2024Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ946Dec 31, 2021Updated 4 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-iconβ1,285Jan 26, 2024Updated 2 years ago
- Obtain GraphQL API schema even if the introspection is disabledβ1,383Dec 5, 2025Updated 2 months ago
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,262Jan 28, 2026Updated 2 weeks ago
- declutters url lists for crawling/pentestingβ1,522Feb 23, 2025Updated 11 months ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,821Jan 1, 2025Updated last year
- Prototype Pollution and useful Script Gadgetsβ1,581Jan 27, 2024Updated 2 years ago
- Filter and enrich a list of subdomains by levelβ210Sep 25, 2023Updated 2 years ago
- Gotator is a tool to generate DNS wordlists through permutations.β503Jul 17, 2022Updated 3 years ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,145Jan 21, 2026Updated 3 weeks ago
- Reverse proxies cheatsheetβ1,855Nov 4, 2023Updated 2 years ago
- IIS shortname scanner written in Goβ355Mar 25, 2023Updated 2 years ago
- An IIS short filename enumeration toolβ1,109Nov 25, 2024Updated last year
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β2,059Jan 2, 2024Updated 2 years ago
- Pull out bits of URLs provided on stdinβ1,284Aug 12, 2023Updated 2 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β749Dec 19, 2023Updated 2 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ642Jul 7, 2025Updated 7 months ago
- A collection of hacks and one-off scriptsβ2,418Mar 13, 2025Updated 11 months ago
- Client Side Prototype Pollution Scannerβ524Sep 17, 2022Updated 3 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β975Jan 12, 2024Updated 2 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,038Aug 23, 2025Updated 5 months ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,515Jan 15, 2026Updated 3 weeks ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pagβ¦β528Apr 23, 2025Updated 9 months ago
- Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.β265Feb 5, 2026Updated last week
- β561Mar 27, 2025Updated 10 months ago
- β435Jun 1, 2021Updated 4 years ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,044Jan 3, 2025Updated last year
- Rockyou for web fuzzingβ3,014Aug 28, 2025Updated 5 months ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β657Aug 28, 2025Updated 5 months ago
- Making Favicon.ico based Recon Great again !β1,261Aug 29, 2023Updated 2 years ago
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filteringβ¦β1,588Updated this week
- A rapid API for the Project Sonar datasetβ658May 5, 2023Updated 2 years ago